Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
348
Views
0
Helpful
1
Replies

ASA5520 conn do not expired

julxu
Level 1
Level 1

‎08-12-2009 09:36 PM - edited ‎03-11-2019 09:05 AM

Greeting

Could anyone advice me why asa5520 keep dns udp connection and never expaired.

my other connection seems ok, only udp:53 can not expire.

my timeout configure is:

sh run timeout

timeout xlate 1193:00:00

timeout conn 0:00:00 half-closed 0:00:00 udp 24:00:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

if it is related to xlate, how can I make udp expire,

Any comments will be appreciated

Thanks in advance

Labels:
0 Helpful
1 Reply 1

smalkeric
Level 6
Level 6

‎08-18-2009 08:47 AM

You may try changing the timeout value for UDP connection.

The URL below explains with an example to set the connection limits and timeouts for all traffic:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_connlimits.html#wp1088544

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card